summaryrefslogtreecommitdiff
path: root/ext/openssl/ossl.c
diff options
context:
space:
mode:
authornobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2013-12-24 16:44:49 +0000
committernobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2013-12-24 16:44:49 +0000
commit3e37a7f745e6a91238742fe180bfba738d60624a (patch)
tree5fcb96fcb04e61397f7d08ef1e388f0cac37662d /ext/openssl/ossl.c
parentb06f4a939878ad6e6dd8120bb4963e83801b5895 (diff)
ossl.c: integer overflow
* ext/openssl/ossl.c (string2hex): fix signed integer overflow. [ruby-core:51711] [Bug #7744] [Fixes GH-242] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@44395 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ext/openssl/ossl.c')
-rw-r--r--ext/openssl/ossl.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/ext/openssl/ossl.c b/ext/openssl/ossl.c
index 43ccf4c..689f21a 100644
--- a/ext/openssl/ossl.c
+++ b/ext/openssl/ossl.c
@@ -18,11 +18,12 @@ int
string2hex(const unsigned char *buf, int buf_len, char **hexbuf, int *hexbuf_len)
{
static const char hex[]="0123456789abcdef";
- int i, len = 2 * buf_len;
+ int i, len;
- if (buf_len < 0 || len < buf_len) { /* PARANOIA? */
+ if (buf_len < 0 || buf_len > INT_MAX / 2) { /* PARANOIA? */
return -1;
}
+ len = 2 * buf_len;
if (!hexbuf) { /* if no buf, return calculated len */
if (hexbuf_len) {
*hexbuf_len = len;